SBI, HDFC Bank and 230 other banking apps under malware attack! Here’s how to stay safe

published on January 5, 2018byAuthor rajtechnewsComments Off on SBI, HDFC Bank and 230 other banking apps under malware attack! Here’s how to stay safe

SBI, HDFC Bank and 230 other banking apps under malware attack! Here’s how to stay safe

An Android malware has been targeting over 232 banking apps including HDFC Bank and ICICI Bank, Quick Heal Security Labs has detected. Here’s the list of all Indian banking apps and tips to stay safe.

An Android malware has been targeting over 232 banking apps including SBI, HDFC Bank and ICICI Bank, Quick Heal Security Labs has detected. According to the IT solution provider, an Android Banking Trojan has been targeting more than 232 banking apps including those offered by Indian banks.

The banking malware is designed for stealing login credentials, hijacking SMSs, uploading contact lists and SMSs on a malicious server, displaying an overlay screen (to capture details) on top of legitimate apps and carrying out other such malicious activities.

The malware is known as Android.banker.A2f8a (Previously detected as Android.banker.A9480), according to Quick Heal Security Labs. The new malware is being distributed through a fake Flash Player app on third-party stores. “This is not surprising given that Adobe Flash is one of the most widely distributed products on the Internet. Because of its popularity and global install base, it is often targeted by attackers,” the IT solution company said in a statement.

The company has said that the malware throws continuous pop-ups, even if administrative rights are declined. “After installing the malicious app, it will ask the user to activate administrative rights. And even if the user denies the request or kills the process, the app will keep throwing continuous pop-ups until the user activates the admin privilege. Once this is done, the malicious app hides its icon soon after the user taps on it,” the company said.

If anyone of the targeted apps is found on the infected device, the app shows a fake notification on behalf of the targeted banking app. If the user clicks on the notification, they are shown a fake login screen to steal the user’s confidential info like net banking login ID and password.